Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/30282c-3c82-4730-b95e-e745948983ed/1/e38kKGeuN1QRe38Lbsm6-5ssgeo.roa
File: e38kKGeuN1QRe38Lbsm6-5ssgeo.roa (raw, json)
Hash identifier: eBtaOP7+74u1S/0I/8ZB1bw7dYL4zqZO6zkssJwgQis=
Subject key identifier: 7B:7F:24:28:67:AE:37:54:11:7B:7F:0B:6E:C9:BA:FB:9B:2C:81:EA
Certificate issuer: /CN=09e5518e68467b4290c3509268b6d6d664962c86
Certificate serial: 01932A2F
Authority key identifier: 09:E5:51:8E:68:46:7B:42:90:C3:50:92:68:B6:D6:D6:64:96:2C:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CeVRjmhGe0KQw1CSaLbW1mSWLIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/30282c-3c82-4730-b95e-e745948983ed/1/e38kKGeuN1QRe38Lbsm6-5ssgeo.roa
Signing time: Wed 02 Feb 2022 15:18:46 +0000
ROA not before: Wed 02 Feb 2022 15:18:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31515
IP address blocks: 161.30.238.0/24 maxlen: 24
161.30.236.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26421807 (0x1932a2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09e5518e68467b4290c3509268b6d6d664962c86
Validity
Not Before: Feb 2 15:18:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7b7f242867ae3754117b7f0b6ec9bafb9b2c81ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:20:b2:83:e3:fe:f8:a2:34:c5:e2:9c:11:25:
bb:2e:ce:d2:f1:98:6b:57:85:b5:3d:51:b7:d8:9a:
b1:40:43:77:20:94:48:a5:de:f4:c3:81:95:a1:a1:
a3:45:39:22:18:dd:33:c0:f7:bc:7d:01:ed:fc:81:
12:00:53:78:6d:c0:b3:92:e6:8c:87:a1:6c:8a:c7:
e1:a5:00:72:36:b7:a3:f4:db:41:7b:90:77:46:79:
cf:4c:0e:cb:da:33:87:03:8f:da:74:95:1e:56:12:
0b:40:36:9e:ca:f6:ce:22:f7:49:2b:fa:10:54:90:
c5:83:96:b8:16:41:41:66:d0:ab:3e:e2:9e:d5:67:
38:58:2b:13:01:0e:4c:25:61:fa:9b:1a:7d:cf:60:
92:38:3f:c0:06:e3:38:5b:cc:46:27:a7:ee:d5:a1:
c3:d4:41:d5:1b:de:ad:c1:d9:ea:63:4f:50:b5:c3:
19:71:5e:4b:7c:aa:00:8f:01:63:1c:68:0b:0c:4c:
12:16:cc:83:49:13:76:a5:ac:9b:f9:c4:9c:17:f9:
3a:d3:c0:24:f9:34:82:14:dc:e0:90:0f:c3:9d:92:
6d:6b:46:c0:ab:1e:4a:2b:3a:7b:51:e3:18:12:34:
02:5b:68:28:24:40:aa:89:6a:0a:d4:9f:7a:68:8b:
63:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:7F:24:28:67:AE:37:54:11:7B:7F:0B:6E:C9:BA:FB:9B:2C:81:EA
X509v3 Authority Key Identifier:
keyid:09:E5:51:8E:68:46:7B:42:90:C3:50:92:68:B6:D6:D6:64:96:2C:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CeVRjmhGe0KQw1CSaLbW1mSWLIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/30282c-3c82-4730-b95e-e745948983ed/1/e38kKGeuN1QRe38Lbsm6-5ssgeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/30282c-3c82-4730-b95e-e745948983ed/1/CeVRjmhGe0KQw1CSaLbW1mSWLIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
161.30.236.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:10:41:d3:de:01:2c:91:d5:9c:4c:94:ba:18:57:eb:70:23:
2a:b8:b2:6d:10:a9:4e:00:dc:cf:9f:f2:df:1d:ec:12:ba:45:
6f:38:d5:bf:e2:6e:3a:c2:33:4d:54:6c:85:30:eb:79:d6:6f:
08:1f:36:8b:6c:62:22:f9:49:2f:16:56:7e:43:58:6c:71:ff:
7d:cb:0c:65:41:91:2b:1b:d9:e1:db:3f:a4:33:9c:6d:cd:06:
58:11:27:a2:93:2b:b1:6f:78:84:e0:cb:b9:6c:66:ab:7e:8c:
f8:4a:ff:a8:73:4c:f3:ae:1d:5b:1d:9f:fc:a6:b6:8e:18:68:
e8:b1:19:c4:49:2b:cc:34:52:ab:63:bb:c7:40:52:33:6a:ac:
88:a6:22:66:f7:d8:18:45:72:3d:72:a9:86:25:b0:d1:47:fe:
53:dd:c7:e7:89:92:b7:92:bf:39:83:8c:0a:95:16:ec:e2:06:
82:9e:a8:89:a9:fc:84:d7:ae:47:a2:5e:1f:44:1b:19:56:df:
ae:a2:43:bc:b8:ab:85:82:3f:97:0e:46:bf:0d:16:34:32:ee:
4b:4f:d7:ac:84:11:4b:11:31:e4:aa:6c:ed:02:08:c8:c8:42:
3e:ce:55:7a:40:1f:2c:24:40:68:9d:e4:e1:c5:1a:6a:95:c7:
46:e9:ec:8d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAZMqLzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
OWU1NTE4ZTY4NDY3YjQyOTBjMzUwOTI2OGI2ZDZkNjY0OTYyYzg2MB4XDTIyMDIw
MjE1MTg0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2I3ZjI0Mjg2N2Fl
Mzc1NDExN2I3ZjBiNmVjOWJhZmI5YjJjODFlYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALcgsoPj/viiNMXinBEluy7O0vGYa1eFtT1Rt9iasUBDdyCU
SKXe9MOBlaGho0U5IhjdM8D3vH0B7fyBEgBTeG3As5LmjIehbIrH4aUAcja3o/Tb
QXuQd0Z5z0wOy9ozhwOP2nSVHlYSC0A2nsr2ziL3SSv6EFSQxYOWuBZBQWbQqz7i
ntVnOFgrEwEOTCVh+psafc9gkjg/wAbjOFvMRien7tWhw9RB1RvercHZ6mNPULXD
GXFeS3yqAI8BYxxoCwxMEhbMg0kTdqWsm/nEnBf5OtPAJPk0ghTc4JAPw52SbWtG
wKseSis6e1HjGBI0AltoKCRAqolqCtSfemiLYz0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR7fyQoZ643VBF7fwtuybr7myyB6jAfBgNVHSMEGDAWgBQJ5VGOaEZ7QpDD
UJJottbWZJYshjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NlVlJqbWhHZTBLUXcxQ1NhTGJXMW1TV0xJWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGQvMzAyODJjLTNjODItNDczMC1iOTVlLWU3NDU5NDg5ODNlZC8x
L2UzOGtLR2V1TjFRUmUzOExic202LTVzc2dlby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGQv
MzAyODJjLTNjODItNDczMC1iOTVlLWU3NDU5NDg5ODNlZC8xL0NlVlJqbWhHZTBL
UXcxQ1NhTGJXMW1TV0xJWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqEe7DANBgkqhkiG9w0BAQsFAAOC
AQEAmxBB094BLJHVnEyUuhhX63AjKriybRCpTgDcz5/y3x3sErpFbzjVv+JuOsIz
TVRshTDredZvCB82i2xiIvlJLxZWfkNYbHH/fcsMZUGRKxvZ4ds/pDOcbc0GWBEn
opMrsW94hODLuWxmq36M+Er/qHNM864dWx2f/Ka2jhho6LEZxEkrzDRSq2O7x0BS
M2qsiKYiZvfYGEVyPXKphiWw0Uf+U93H54mSt5K/OYOMCpUW7OIGgp6oian8hNeu
R6JeH0QbGVbfrqJDvLirhYI/lw5Gvw0WNDLuS0/XrIQRSxEx5Kps7QIIyMhCPs5V
ekAfLCRAaJ3k4cUaapXHRunsjQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:00 2023 by rpki-client on console-fra.rpki-client.org